@twin.org/node-core 0.0.2-next.11 → 0.0.2-next.13

package/dist/cjs/index.cjs

@@ -153,9 +153,7 @@ async function bootstrap(engineCore, context, envVars) {
     await bootstrapBlobEncryption(engineCore, context, envVars);
     await addVerificationMethod(engineCore, context, "attestation", envVars.attestationVerificationMethodId);
     await addVerificationMethod(engineCore, context, "immutable proof", envVars.immutableProofVerificationMethodId);
-    if (core.Coerce.boolean(envVars.rightsManagementEnabled) ?? false) {
-        await addVerificationMethod(engineCore, context, "rights management", envVars.rightsManagementNegotiationMethodId);
-    }
+    await addVerificationMethod(engineCore, context, "node to node authentication", envVars.vcAuthenticationVerificationMethodId);
     await bootstrapSynchronisedStorage(engineCore, context, envVars);
 }
 /**
@@ -494,8 +492,6 @@ async function bootstrapAuth(engineCore, context, envVars, features) {
  */
 async function bootstrapSynchronisedStorage(engineCore, context, envVars, features) {
     if (core.Coerce.boolean(envVars.synchronisedStorageEnabled) ?? false) {
-        // Add the verification method to the identity if it doesn't exist
-        await addVerificationMethod(engineCore, context, "synchronised storage", envVars.synchronisedStorageVerificationMethodId);
         // If this is a trusted node we need to add the blob encryption key pair
         if (core.Is.stringValue(envVars.synchronisedStorageBlobStorageEncryptionKeyId) &&
             core.Is.stringBase64(envVars.synchronisedStorageBlobStorageKey)) {
@@ -574,8 +570,7 @@ function buildEngineConfiguration(envVars) {
     envVars.blobStorageEnableEncryption ??= "false";
     envVars.blobStorageEncryptionKeyId ??= "blob-encryption";
     envVars.synchronisedStorageBlobStorageEncryptionKeyId ??= "synchronised-storage-blob-encryption";
-    envVars.synchronisedStorageVerificationMethodId ??= "synchronised-storage-assertion";
-    envVars.rightsManagementNegotiationMethodId ??= "policy-negotiation-assertion";
+    envVars.vcAuthenticationVerificationMethodId ??= "node-authentication-assertion";
     const coreConfig = {
         debug: core.Coerce.boolean(envVars.debug) ?? false,
         types: {}
@@ -602,6 +597,7 @@ function buildEngineConfiguration(envVars) {
     configureAuditableItemGraph(coreConfig);
     configureAuditableItemStream(coreConfig);
     configureDocumentManagement(coreConfig);
+    configureNodeToNode(coreConfig, envVars);
     configureRightsManagement(coreConfig, envVars);
     configureSynchronisedStorage(coreConfig, envVars);
     configureFederatedCatalogue(coreConfig, envVars);
@@ -1358,6 +1354,24 @@ function configureDocumentManagement(coreConfig, envVars) {
         });
     }
 }
+/**
+ * Configures the node to node.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureNodeToNode(coreConfig, envVars) {
+    if (core.Is.arrayValue(coreConfig.types.identityComponent)) {
+        // Can only perform VC authentication if identity component is available
+        coreConfig.types.authenticationGeneratorComponent ??= [];
+        coreConfig.types.authenticationGeneratorComponent.push({
+            type: engineTypes.AuthenticationGeneratorComponentType.VerifiableCredential,
+            options: {
+                config: { verificationMethodId: envVars.vcAuthenticationVerificationMethodId ?? "" }
+            },
+            features: ["verifiable-credential"]
+        });
+    }
+}
 /**
  * Configures the rights management.
  * @param coreConfig The core config.
@@ -1393,7 +1407,12 @@ function configureRightsManagement(coreConfig, envVars) {
         });
         coreConfig.types.rightsManagementPdpComponent ??= [];
         coreConfig.types.rightsManagementPdpComponent.push({
-            type: engineTypes.RightsManagementPdpComponentType.Service
+            type: engineTypes.RightsManagementPdpComponentType.Service,
+            options: {
+                arbiterModulesConfig: core.Is.arrayValue(envVars.rightsManagementArbiters)
+                    ? envVars.rightsManagementArbiters
+                    : undefined
+            }
         });
         coreConfig.types.rightsManagementPepComponent ??= [];
         coreConfig.types.rightsManagementPepComponent.push({
@@ -1410,20 +1429,33 @@ function configureRightsManagement(coreConfig, envVars) {
             options: {
                 negotiatorModulesConfig: core.Is.arrayValue(envVars.rightsManagementNegotiators)
                     ? envVars.rightsManagementNegotiators
-                    : undefined
+                    : undefined,
+                requesterModulesConfig: core.Is.arrayValue(envVars.rightsManagementRequesters)
+                    ? envVars.rightsManagementRequesters
+                    : undefined,
+                config: {
+                    baseCallbackUrl: envVars.rightsManagementBaseCallbackUrl ?? "",
+                    offers: core.Is.arrayValue(envVars.rightsManagementOffers)
+                        ? envVars.rightsManagementOffers
+                        : [],
+                    negotiationComponentCreator: async (url) => new rightsManagementRestClient.PolicyNegotiationPointClient({ endpoint: url })
+                }
             }
         });
         coreConfig.types.rightsManagementPnapComponent ??= [];
         coreConfig.types.rightsManagementPnapComponent.push({
             type: engineTypes.RightsManagementPnapComponentType.Service
         });
-        coreConfig.types.rightsManagementPnrpComponent ??= [];
-        coreConfig.types.rightsManagementPnrpComponent.push({
-            type: engineTypes.RightsManagementPnrpComponentType.Service,
+        coreConfig.types.rightsManagementDapComponent ??= [];
+        coreConfig.types.rightsManagementDapComponent.push({
+            type: engineTypes.RightsManagementDapComponentType.Service
+        });
+        coreConfig.types.rightsManagementDarpComponent ??= [];
+        coreConfig.types.rightsManagementDarpComponent.push({
+            type: engineTypes.RightsManagementDarpComponentType.Service,
             options: {
                 config: {
-                    negotiationMethodId: envVars.rightsManagementNegotiationMethodId ?? "",
-                    negotiationComponentCreator: async (url) => new rightsManagementRestClient.PolicyNegotiationPointClient({ endpoint: url })
+                    dataAccessComponentCreator: async (url) => new rightsManagementRestClient.DataAccessPointClient({ endpoint: url })
                 }
             }
         });
@@ -1462,7 +1494,6 @@ function configureSynchronisedStorage(coreConfig, envVars) {
             options: {
                 config: {
                     verifiableStorageKeyId: verifiableStorageKeyId ?? "",
-                    synchronisedStorageMethodId: envVars.synchronisedStorageVerificationMethodId,
                     blobStorageEncryptionKeyId: envVars.synchronisedStorageBlobStorageEncryptionKeyId,
                     entityUpdateIntervalMinutes: core.Coerce.number(envVars.synchronisedStorageEntityUpdateIntervalMinutes),
                     consolidationIntervalMinutes: core.Coerce.number(envVars.synchronisedStorageConsolidationIntervalMinutes),
@@ -1695,6 +1726,14 @@ function buildEngineServerConfiguration(envVars, coreEngineConfig, serverInfo, o
             }
         });
     }
+    if (core.Coerce.boolean(envVars.enableVerifiableCredentialRouteProcessors) ?? false) {
+        serverConfig.types.restRouteProcessor.push({
+            type: engineServerTypes.RestRouteProcessorType.AuthVerifiableCredential
+        });
+        serverConfig.types.socketRouteProcessor.push({
+            type: engineServerTypes.SocketRouteProcessorType.AuthVerifiableCredential
+        });
+    }
     engineServer.addDefaultRestPaths(serverConfig);
     engineServer.addDefaultSocketPaths(serverConfig);
     return serverConfig;
@@ -1767,7 +1806,7 @@ async function run(nodeOptions) {
         nodeOptions ??= {};
         const serverInfo = {
             name: nodeOptions?.serverName ?? "TWIN Node Server",
-            version: nodeOptions?.serverVersion ?? "0.0.2-next.11" // x-release-please-version
+            version: nodeOptions?.serverVersion ?? "0.0.2-next.13" // x-release-please-version
         };
         console.log(`\u001B[4m🌩️  ${serverInfo.name} v${serverInfo.version}\u001B[24m\n`);
         if (!core.Is.stringValue(nodeOptions?.executionDirectory)) {

package/dist/esm/index.mjs

@@ -1,15 +1,15 @@
 import { PasswordHelper } from '@twin.org/api-auth-entity-storage-service';
-import { I18n, Is, Coerce, Converter, RandomHelper, StringHelper, Urn, GeneralError, ErrorHelper, EnvHelper } from '@twin.org/core';
+import { I18n, Is, Converter, RandomHelper, StringHelper, Coerce, Urn, GeneralError, ErrorHelper, EnvHelper } from '@twin.org/core';
 import { PasswordGenerator, Bip39 } from '@twin.org/crypto';
 import { AuthenticationComponentType, InformationComponentType, RestRouteProcessorType, SocketRouteProcessorType, AuthenticationAdminComponentType } from '@twin.org/engine-server-types';
-import { WalletConnectorType, IdentityConnectorType, EntityStorageConnectorType, BlobStorageConnectorType, BlobStorageComponentType, VaultConnectorType, DltConfigType, LoggingConnectorType, LoggingComponentType, BackgroundTaskConnectorType, TaskSchedulerComponentType, EventBusConnectorType, EventBusComponentType, TelemetryConnectorType, TelemetryComponentType, MessagingEmailConnectorType, MessagingSmsConnectorType, MessagingPushNotificationConnectorType, MessagingComponentType, FaucetConnectorType, NftConnectorType, NftComponentType, VerifiableStorageConnectorType, VerifiableStorageComponentType, ImmutableProofComponentType, AuditableItemGraphComponentType, AuditableItemStreamComponentType, IdentityComponentType, IdentityResolverConnectorType, IdentityResolverComponentType, IdentityProfileConnectorType, IdentityProfileComponentType, AttestationConnectorType, AttestationComponentType, DataConverterConnectorType, DataExtractorConnectorType, DataProcessingComponentType, DocumentManagementComponentType, RightsManagementPapComponentType, RightsManagementPmpComponentType, RightsManagementPipComponentType, RightsManagementPxpComponentType, RightsManagementPdpComponentType, RightsManagementPepComponentType, RightsManagementPnpComponentType, RightsManagementPnapComponentType, RightsManagementPnrpComponentType, SynchronisedStorageComponentType, FederatedCatalogueComponentType, DataSpaceConnectorComponentType } from '@twin.org/engine-types';
+import { WalletConnectorType, IdentityConnectorType, EntityStorageConnectorType, BlobStorageConnectorType, BlobStorageComponentType, VaultConnectorType, DltConfigType, LoggingConnectorType, LoggingComponentType, BackgroundTaskConnectorType, TaskSchedulerComponentType, EventBusConnectorType, EventBusComponentType, TelemetryConnectorType, TelemetryComponentType, MessagingEmailConnectorType, MessagingSmsConnectorType, MessagingPushNotificationConnectorType, MessagingComponentType, FaucetConnectorType, NftConnectorType, NftComponentType, VerifiableStorageConnectorType, VerifiableStorageComponentType, ImmutableProofComponentType, AuditableItemGraphComponentType, AuditableItemStreamComponentType, IdentityComponentType, IdentityResolverConnectorType, IdentityResolverComponentType, IdentityProfileConnectorType, IdentityProfileComponentType, AttestationConnectorType, AttestationComponentType, DataConverterConnectorType, DataExtractorConnectorType, DataProcessingComponentType, DocumentManagementComponentType, AuthenticationGeneratorComponentType, RightsManagementPapComponentType, RightsManagementPmpComponentType, RightsManagementPipComponentType, RightsManagementPxpComponentType, RightsManagementPdpComponentType, RightsManagementPepComponentType, RightsManagementPnpComponentType, RightsManagementPnapComponentType, RightsManagementDapComponentType, RightsManagementDarpComponentType, SynchronisedStorageComponentType, FederatedCatalogueComponentType, DataSpaceConnectorComponentType } from '@twin.org/engine-types';
 import { EntityStorageConnectorFactory } from '@twin.org/entity-storage-models';
 import { IdentityProfileConnectorFactory, IdentityConnectorFactory, IdentityResolverConnectorFactory, DocumentHelper } from '@twin.org/identity-models';
 import { VaultConnectorFactory, VaultKeyType } from '@twin.org/vault-models';
 import { WalletConnectorFactory } from '@twin.org/wallet-models';
 import { readFile, stat } from 'node:fs/promises';
 import path from 'node:path';
-import { PolicyNegotiationPointClient } from '@twin.org/rights-management-rest-client';
+import { PolicyNegotiationPointClient, DataAccessPointClient } from '@twin.org/rights-management-rest-client';
 import { addDefaultRestPaths, addDefaultSocketPaths, EngineServer } from '@twin.org/engine-server';
 import { ModuleHelper } from '@twin.org/modules';
 import * as dotenv from 'dotenv';
@@ -132,9 +132,7 @@ async function bootstrap(engineCore, context, envVars) {
     await bootstrapBlobEncryption(engineCore, context, envVars);
     await addVerificationMethod(engineCore, context, "attestation", envVars.attestationVerificationMethodId);
     await addVerificationMethod(engineCore, context, "immutable proof", envVars.immutableProofVerificationMethodId);
-    if (Coerce.boolean(envVars.rightsManagementEnabled) ?? false) {
-        await addVerificationMethod(engineCore, context, "rights management", envVars.rightsManagementNegotiationMethodId);
-    }
+    await addVerificationMethod(engineCore, context, "node to node authentication", envVars.vcAuthenticationVerificationMethodId);
     await bootstrapSynchronisedStorage(engineCore, context, envVars);
 }
 /**
@@ -473,8 +471,6 @@ async function bootstrapAuth(engineCore, context, envVars, features) {
  */
 async function bootstrapSynchronisedStorage(engineCore, context, envVars, features) {
     if (Coerce.boolean(envVars.synchronisedStorageEnabled) ?? false) {
-        // Add the verification method to the identity if it doesn't exist
-        await addVerificationMethod(engineCore, context, "synchronised storage", envVars.synchronisedStorageVerificationMethodId);
         // If this is a trusted node we need to add the blob encryption key pair
         if (Is.stringValue(envVars.synchronisedStorageBlobStorageEncryptionKeyId) &&
             Is.stringBase64(envVars.synchronisedStorageBlobStorageKey)) {
@@ -553,8 +549,7 @@ function buildEngineConfiguration(envVars) {
     envVars.blobStorageEnableEncryption ??= "false";
     envVars.blobStorageEncryptionKeyId ??= "blob-encryption";
     envVars.synchronisedStorageBlobStorageEncryptionKeyId ??= "synchronised-storage-blob-encryption";
-    envVars.synchronisedStorageVerificationMethodId ??= "synchronised-storage-assertion";
-    envVars.rightsManagementNegotiationMethodId ??= "policy-negotiation-assertion";
+    envVars.vcAuthenticationVerificationMethodId ??= "node-authentication-assertion";
     const coreConfig = {
         debug: Coerce.boolean(envVars.debug) ?? false,
         types: {}
@@ -581,6 +576,7 @@ function buildEngineConfiguration(envVars) {
     configureAuditableItemGraph(coreConfig);
     configureAuditableItemStream(coreConfig);
     configureDocumentManagement(coreConfig);
+    configureNodeToNode(coreConfig, envVars);
     configureRightsManagement(coreConfig, envVars);
     configureSynchronisedStorage(coreConfig, envVars);
     configureFederatedCatalogue(coreConfig, envVars);
@@ -1337,6 +1333,24 @@ function configureDocumentManagement(coreConfig, envVars) {
         });
     }
 }
+/**
+ * Configures the node to node.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureNodeToNode(coreConfig, envVars) {
+    if (Is.arrayValue(coreConfig.types.identityComponent)) {
+        // Can only perform VC authentication if identity component is available
+        coreConfig.types.authenticationGeneratorComponent ??= [];
+        coreConfig.types.authenticationGeneratorComponent.push({
+            type: AuthenticationGeneratorComponentType.VerifiableCredential,
+            options: {
+                config: { verificationMethodId: envVars.vcAuthenticationVerificationMethodId ?? "" }
+            },
+            features: ["verifiable-credential"]
+        });
+    }
+}
 /**
  * Configures the rights management.
  * @param coreConfig The core config.
@@ -1372,7 +1386,12 @@ function configureRightsManagement(coreConfig, envVars) {
         });
         coreConfig.types.rightsManagementPdpComponent ??= [];
         coreConfig.types.rightsManagementPdpComponent.push({
-            type: RightsManagementPdpComponentType.Service
+            type: RightsManagementPdpComponentType.Service,
+            options: {
+                arbiterModulesConfig: Is.arrayValue(envVars.rightsManagementArbiters)
+                    ? envVars.rightsManagementArbiters
+                    : undefined
+            }
         });
         coreConfig.types.rightsManagementPepComponent ??= [];
         coreConfig.types.rightsManagementPepComponent.push({
@@ -1389,20 +1408,33 @@ function configureRightsManagement(coreConfig, envVars) {
             options: {
                 negotiatorModulesConfig: Is.arrayValue(envVars.rightsManagementNegotiators)
                     ? envVars.rightsManagementNegotiators
-                    : undefined
+                    : undefined,
+                requesterModulesConfig: Is.arrayValue(envVars.rightsManagementRequesters)
+                    ? envVars.rightsManagementRequesters
+                    : undefined,
+                config: {
+                    baseCallbackUrl: envVars.rightsManagementBaseCallbackUrl ?? "",
+                    offers: Is.arrayValue(envVars.rightsManagementOffers)
+                        ? envVars.rightsManagementOffers
+                        : [],
+                    negotiationComponentCreator: async (url) => new PolicyNegotiationPointClient({ endpoint: url })
+                }
             }
         });
         coreConfig.types.rightsManagementPnapComponent ??= [];
         coreConfig.types.rightsManagementPnapComponent.push({
             type: RightsManagementPnapComponentType.Service
         });
-        coreConfig.types.rightsManagementPnrpComponent ??= [];
-        coreConfig.types.rightsManagementPnrpComponent.push({
-            type: RightsManagementPnrpComponentType.Service,
+        coreConfig.types.rightsManagementDapComponent ??= [];
+        coreConfig.types.rightsManagementDapComponent.push({
+            type: RightsManagementDapComponentType.Service
+        });
+        coreConfig.types.rightsManagementDarpComponent ??= [];
+        coreConfig.types.rightsManagementDarpComponent.push({
+            type: RightsManagementDarpComponentType.Service,
             options: {
                 config: {
-                    negotiationMethodId: envVars.rightsManagementNegotiationMethodId ?? "",
-                    negotiationComponentCreator: async (url) => new PolicyNegotiationPointClient({ endpoint: url })
+                    dataAccessComponentCreator: async (url) => new DataAccessPointClient({ endpoint: url })
                 }
             }
         });
@@ -1441,7 +1473,6 @@ function configureSynchronisedStorage(coreConfig, envVars) {
             options: {
                 config: {
                     verifiableStorageKeyId: verifiableStorageKeyId ?? "",
-                    synchronisedStorageMethodId: envVars.synchronisedStorageVerificationMethodId,
                     blobStorageEncryptionKeyId: envVars.synchronisedStorageBlobStorageEncryptionKeyId,
                     entityUpdateIntervalMinutes: Coerce.number(envVars.synchronisedStorageEntityUpdateIntervalMinutes),
                     consolidationIntervalMinutes: Coerce.number(envVars.synchronisedStorageConsolidationIntervalMinutes),
@@ -1674,6 +1705,14 @@ function buildEngineServerConfiguration(envVars, coreEngineConfig, serverInfo, o
             }
         });
     }
+    if (Coerce.boolean(envVars.enableVerifiableCredentialRouteProcessors) ?? false) {
+        serverConfig.types.restRouteProcessor.push({
+            type: RestRouteProcessorType.AuthVerifiableCredential
+        });
+        serverConfig.types.socketRouteProcessor.push({
+            type: SocketRouteProcessorType.AuthVerifiableCredential
+        });
+    }
     addDefaultRestPaths(serverConfig);
     addDefaultSocketPaths(serverConfig);
     return serverConfig;
@@ -1746,7 +1785,7 @@ async function run(nodeOptions) {
         nodeOptions ??= {};
         const serverInfo = {
             name: nodeOptions?.serverName ?? "TWIN Node Server",
-            version: nodeOptions?.serverVersion ?? "0.0.2-next.11" // x-release-please-version
+            version: nodeOptions?.serverVersion ?? "0.0.2-next.13" // x-release-please-version
         };
         console.log(`\u001B[4m🌩️  ${serverInfo.name} v${serverInfo.version}\u001B[24m\n`);
         if (!Is.stringValue(nodeOptions?.executionDirectory)) {

package/dist/types/models/IEngineEnvironmentVariables.d.ts

@@ -390,11 +390,6 @@ export interface IEngineEnvironmentVariables {
      * This only required if using a custom verifiable storage item, otherwise it will default the the network name.
      */
     synchronisedStorageVerifiableStorageKeyId?: string;
-    /**
-     * The identity verification method id to use with synchronised storage for signing/verifying changesets.
-     * Defaults to synchronised-storage-assertion.
-     */
-    synchronisedStorageVerificationMethodId?: string;
     /**
      * The key from the vault which is used to encrypt the synchronised storage blobs.
      * Only required for trusted nodes, as regular nodes will request from the trusted nodes.
@@ -443,20 +438,24 @@ export interface IEngineEnvironmentVariables {
      */
     rightsManagementEnabled?: string;
     /**
-     * The rights management verification method id to use when signing/verifying negotiation requests.
-     * Defaults to policy-negotiation-assertion.
+     * What is the base callback url for rights management negotiations e.g. https://my-node/rights-management.
      */
-    rightsManagementNegotiationMethodId?: string;
+    rightsManagementBaseCallbackUrl?: string;
+    /**
+     * The rights management configuration which includes the information sources modules to load.
+     * Use the @json: prefix to specify the path to the JSON configuration file.
+     */
+    rightsManagementInformationSources?: string;
     /**
      * The rights management configuration which includes the negotiator modules to load.
      * Use the @json: prefix to specify the path to the JSON configuration file.
      */
     rightsManagementNegotiators?: string;
     /**
-     * The rights management configuration which includes the information sources modules to load.
+     * The rights management configuration which includes the requester modules to load.
      * Use the @json: prefix to specify the path to the JSON configuration file.
      */
-    rightsManagementInformationSources?: string;
+    rightsManagementRequesters?: string;
     /**
      * The rights management configuration which includes the execution actions modules to load.
      * Use the @json: prefix to specify the path to the JSON configuration file.
@@ -467,6 +466,16 @@ export interface IEngineEnvironmentVariables {
      * Use the @json: prefix to specify the path to the JSON configuration file.
      */
     rightsManagementEnforcementProcessors?: string;
+    /**
+     * The rights management configuration which includes the arbiter modules to load.
+     * Use the @json: prefix to specify the path to the JSON configuration file.
+     */
+    rightsManagementArbiters?: string;
+    /**
+     * The rights management configuration which includes the offer modules to load.
+     * Use the @json: prefix to specify the path to the JSON configuration file.
+     */
+    rightsManagementOffers?: string;
     /**
      * Is the task scheduler enabled, defaults to false.
      */
@@ -480,4 +489,9 @@ export interface IEngineEnvironmentVariables {
      * Use the @json: prefix to specify the path to the JSON configuration file.
      */
     dataSpaceConnectorApps?: string;
+    /**
+     * Verifiable credential assertion for node to node communication.
+     * Defaults to node-authentication-assertion.
+     */
+    vcAuthenticationVerificationMethodId?: string;
 }

package/dist/types/models/IEngineServerEnvironmentVariables.d.ts

@@ -42,6 +42,10 @@ export interface IEngineServerEnvironmentVariables {
      * Additional MIME type processors to include, comma separated.
      */
     mimeTypeProcessors?: string;
+    /**
+     * Enable to the route processor for verifiable credentials.
+     */
+    enableVerifiableCredentialRouteProcessors?: string;
     /**
      * Disable Node Identity route processors.
      */

package/docs/changelog.md

@@ -1,5 +1,19 @@
 # @twin.org/node-core - Changelog
 
+## [0.0.2-next.13](https://github.com/twinfoundation/node/compare/node-core-v0.0.2-next.12...node-core-v0.0.2-next.13) (2025-09-24)
+
+
+### Features
+
+* update to latest engine ([00d4974](https://github.com/twinfoundation/node/commit/00d4974f9cfb02bf48505cfb4af4a7aba1df4b3d))
+
+## [0.0.2-next.12](https://github.com/twinfoundation/node/compare/node-core-v0.0.2-next.11...node-core-v0.0.2-next.12) (2025-09-19)
+
+
+### Features
+
+* update rights management components ([176a0d6](https://github.com/twinfoundation/node/commit/176a0d611f88360fc845ae233b26ee0b43d7cb23))
+
 ## [0.0.2-next.11](https://github.com/twinfoundation/node/compare/node-core-v0.0.2-next.10...node-core-v0.0.2-next.11) (2025-09-08)
 
 

package/docs/reference/interfaces/IEngineEnvironmentVariables.md

@@ -780,15 +780,6 @@ This only required if using a custom verifiable storage item, otherwise it will
 
 ***
 
-### synchronisedStorageVerificationMethodId?
-
-> `optional` **synchronisedStorageVerificationMethodId**: `string`
-
-The identity verification method id to use with synchronised storage for signing/verifying changesets.
-Defaults to synchronised-storage-assertion.
-
-***
-
 ### synchronisedStorageBlobStorageEncryptionKeyId?
 
 > `optional` **synchronisedStorageBlobStorageEncryptionKeyId**: `string`
@@ -896,12 +887,20 @@ Is the rights management enabled, defaults to false.
 
 ***
 
-### rightsManagementNegotiationMethodId?
+### rightsManagementBaseCallbackUrl?
 
-> `optional` **rightsManagementNegotiationMethodId**: `string`
+> `optional` **rightsManagementBaseCallbackUrl**: `string`
 
-The rights management verification method id to use when signing/verifying negotiation requests.
-Defaults to policy-negotiation-assertion.
+What is the base callback url for rights management negotiations e.g. https://my-node/rights-management.
+
+***
+
+### rightsManagementInformationSources?
+
+> `optional` **rightsManagementInformationSources**: `string`
+
+The rights management configuration which includes the information sources modules to load.
+Use the @json: prefix to specify the path to the JSON configuration file.
 
 ***
 
@@ -914,11 +913,11 @@ Use the @json: prefix to specify the path to the JSON configuration file.
 
 ***
 
-### rightsManagementInformationSources?
+### rightsManagementRequesters?
 
-> `optional` **rightsManagementInformationSources**: `string`
+> `optional` **rightsManagementRequesters**: `string`
 
-The rights management configuration which includes the information sources modules to load.
+The rights management configuration which includes the requester modules to load.
 Use the @json: prefix to specify the path to the JSON configuration file.
 
 ***
@@ -941,6 +940,24 @@ Use the @json: prefix to specify the path to the JSON configuration file.
 
 ***
 
+### rightsManagementArbiters?
+
+> `optional` **rightsManagementArbiters**: `string`
+
+The rights management configuration which includes the arbiter modules to load.
+Use the @json: prefix to specify the path to the JSON configuration file.
+
+***
+
+### rightsManagementOffers?
+
+> `optional` **rightsManagementOffers**: `string`
+
+The rights management configuration which includes the offer modules to load.
+Use the @json: prefix to specify the path to the JSON configuration file.
+
+***
+
 ### taskSchedulerEnabled?
 
 > `optional` **taskSchedulerEnabled**: `string`
@@ -963,3 +980,12 @@ Is the data space connector enabled, defaults to false.
 
 The application configuration for the data space connector.
 Use the @json: prefix to specify the path to the JSON configuration file.
+
+***
+
+### vcAuthenticationVerificationMethodId?
+
+> `optional` **vcAuthenticationVerificationMethodId**: `string`
+
+Verifiable credential assertion for node to node communication.
+Defaults to node-authentication-assertion.

package/docs/reference/interfaces/IEngineServerEnvironmentVariables.md

@@ -88,6 +88,14 @@ Additional MIME type processors to include, comma separated.
 
 ***
 
+### enableVerifiableCredentialRouteProcessors?
+
+> `optional` **enableVerifiableCredentialRouteProcessors**: `string`
+
+Enable to the route processor for verifiable credentials.
+
+***
+
 ### disableNodeIdentity?
 
 > `optional` **disableNodeIdentity**: `string`

package/docs/reference/interfaces/INodeEnvironmentVariables.md

@@ -1164,19 +1164,6 @@ This only required if using a custom verifiable storage item, otherwise it will
 
 ***
 
-### synchronisedStorageVerificationMethodId?
-
-> `optional` **synchronisedStorageVerificationMethodId**: `string`
-
-The identity verification method id to use with synchronised storage for signing/verifying changesets.
-Defaults to synchronised-storage-assertion.
-
-#### Inherited from
-
-[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`synchronisedStorageVerificationMethodId`](IEngineEnvironmentVariables.md#synchronisedstorageverificationmethodid)
-
-***
-
 ### synchronisedStorageBlobStorageEncryptionKeyId?
 
 > `optional` **synchronisedStorageBlobStorageEncryptionKeyId**: `string`
@@ -1324,16 +1311,28 @@ Is the rights management enabled, defaults to false.
 
 ***
 
-### rightsManagementNegotiationMethodId?
+### rightsManagementBaseCallbackUrl?
+
+> `optional` **rightsManagementBaseCallbackUrl**: `string`
+
+What is the base callback url for rights management negotiations e.g. https://my-node/rights-management.
+
+#### Inherited from
+
+[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`rightsManagementBaseCallbackUrl`](IEngineEnvironmentVariables.md#rightsmanagementbasecallbackurl)
+
+***
+
+### rightsManagementInformationSources?
 
-> `optional` **rightsManagementNegotiationMethodId**: `string`
+> `optional` **rightsManagementInformationSources**: `string`
 
-The rights management verification method id to use when signing/verifying negotiation requests.
-Defaults to policy-negotiation-assertion.
+The rights management configuration which includes the information sources modules to load.
+Use the @json: prefix to specify the path to the JSON configuration file.
 
 #### Inherited from
 
-[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`rightsManagementNegotiationMethodId`](IEngineEnvironmentVariables.md#rightsmanagementnegotiationmethodid)
+[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`rightsManagementInformationSources`](IEngineEnvironmentVariables.md#rightsmanagementinformationsources)
 
 ***
 
@@ -1350,16 +1349,16 @@ Use the @json: prefix to specify the path to the JSON configuration file.
 
 ***
 
-### rightsManagementInformationSources?
+### rightsManagementRequesters?
 
-> `optional` **rightsManagementInformationSources**: `string`
+> `optional` **rightsManagementRequesters**: `string`
 
-The rights management configuration which includes the information sources modules to load.
+The rights management configuration which includes the requester modules to load.
 Use the @json: prefix to specify the path to the JSON configuration file.
 
 #### Inherited from
 
-[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`rightsManagementInformationSources`](IEngineEnvironmentVariables.md#rightsmanagementinformationsources)
+[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`rightsManagementRequesters`](IEngineEnvironmentVariables.md#rightsmanagementrequesters)
 
 ***
 
@@ -1389,6 +1388,32 @@ Use the @json: prefix to specify the path to the JSON configuration file.
 
 ***
 
+### rightsManagementArbiters?
+
+> `optional` **rightsManagementArbiters**: `string`
+
+The rights management configuration which includes the arbiter modules to load.
+Use the @json: prefix to specify the path to the JSON configuration file.
+
+#### Inherited from
+
+[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`rightsManagementArbiters`](IEngineEnvironmentVariables.md#rightsmanagementarbiters)
+
+***
+
+### rightsManagementOffers?
+
+> `optional` **rightsManagementOffers**: `string`
+
+The rights management configuration which includes the offer modules to load.
+Use the @json: prefix to specify the path to the JSON configuration file.
+
+#### Inherited from
+
+[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`rightsManagementOffers`](IEngineEnvironmentVariables.md#rightsmanagementoffers)
+
+***
+
 ### taskSchedulerEnabled?
 
 > `optional` **taskSchedulerEnabled**: `string`
@@ -1426,6 +1451,19 @@ Use the @json: prefix to specify the path to the JSON configuration file.
 
 ***
 
+### vcAuthenticationVerificationMethodId?
+
+> `optional` **vcAuthenticationVerificationMethodId**: `string`
+
+Verifiable credential assertion for node to node communication.
+Defaults to node-authentication-assertion.
+
+#### Inherited from
+
+[`IEngineEnvironmentVariables`](IEngineEnvironmentVariables.md).[`vcAuthenticationVerificationMethodId`](IEngineEnvironmentVariables.md#vcauthenticationverificationmethodid)
+
+***
+
 ### port?
 
 > `optional` **port**: `string`
@@ -1546,6 +1584,18 @@ Additional MIME type processors to include, comma separated.
 
 ***
 
+### enableVerifiableCredentialRouteProcessors?
+
+> `optional` **enableVerifiableCredentialRouteProcessors**: `string`
+
+Enable to the route processor for verifiable credentials.
+
+#### Inherited from
+
+[`IEngineServerEnvironmentVariables`](IEngineServerEnvironmentVariables.md).[`enableVerifiableCredentialRouteProcessors`](IEngineServerEnvironmentVariables.md#enableverifiablecredentialrouteprocessors)
+
+***
+
 ### disableNodeIdentity?
 
 > `optional` **disableNodeIdentity**: `string`

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@twin.org/node-core",
-	"version": "0.0.2-next.11",
+	"version": "0.0.2-next.13",
 	"description": "TWIN Node Core for serving APIs using the specified configuration",
 	"repository": {
 		"type": "git",
@@ -29,6 +29,7 @@
 		"@twin.org/identity-models": "next",
 		"@twin.org/modules": "next",
 		"@twin.org/rights-management-rest-client": "next",
+		"@twin.org/standards-w3c-odrl": "next",
 		"@twin.org/vault-models": "next",
 		"@twin.org/wallet-models": "next",
 		"dotenv": "17.2.1",